package com.kindsoft.demo.ldap;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * Created by zhoujm on 2020/2/12/012.
 */
//@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .antMatchers("/hello").fullyAuthenticated()
//            .anyRequest().fullyAuthenticated()
            .and()
            .formLogin();
    }

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
//        auth.ldapAuthentication()
//            .userDnPatterns("uid={0},ou=people")
//            .groupSearchBase("ou=groups")
//            .contextSource()
//            .url("ldap://localhost:389/dc=seecent,dc=com")
//            .and()
//            .passwordCompare()
//            .passwordEncoder(new BCryptPasswordEncoder())
//            .passwordAttribute("userPassword");
        auth.ldapAuthentication()
//                .userDnPatterns("cn={0},cn=users")
                .userSearchBase("")
                .userSearchFilter("(&(objectclass=person)(sAMAccountName={0}))")
                .contextSource()
                .url("ldap://unica-demo:389/dc=unicademo,dc=com")
                .and()
                .passwordCompare();
//                .passwordEncoder(new BCryptPasswordEncoder())
//                .passwordAttribute("userPassword");
    }

}
